On Mon, 2009-03-23 at 21:14 +0100, Pau Ruŀlan Ferragut wrote: > The git migration is on its final stages but I can't find any document on how > did you manage to administrate the users. What kind of infrastructure do you > have in order to allow push?
We're just using the same infrastructure as we used for SVN. Essentially: - We have an admin-only interface (Mango) for user management, and use 'rt' to track requests for new accounts and account changes. - User information is stored in LDAP and accessed via nss-ldap. - SSH public keys are also stored in LDAP - We use scripts to write out SSH keys for users (in a look-aside read-only location.) For non-admin users, the SSH keys written on git.gnome.org restrict the user to running a single wrapper script that validates what the user as doing as a git operation or certain special commands (like create-repository) - GNOME does not have ACLs on repositories (except for certain repositories which are restricted to the sysadmin team.) So anybody, can push to any repository, assuming they have permission from the maintainer. ACLs could be added as part of our pre-receive scripts pretty easily if desired. Does that answer your question? - Owen _______________________________________________ gnome-infrastructure mailing list [email protected] http://mail.gnome.org/mailman/listinfo/gnome-infrastructure
